Re: Supporting Encryption in Postgresql
| От | Paul Tillotson |
|---|---|
| Тема | Re: Supporting Encryption in Postgresql |
| Дата | |
| Msg-id | 4140EA96.1000102@shentel.net обсуждение исходный текст |
| Ответ на | Re: Supporting Encryption in Postgresql (Josh Berkus <josh@agliodbs.com>) |
| Ответы |
Re: Supporting Encryption in Postgresql
|
| Список | pgsql-hackers |
Given that the client does not write pages to the disk, this would be back-end encryption. Just out of curiosity, what threat model does this sort of encryption protect against? Surely any attacker who can read the files off the disk can also get the password used to encrypt them. Or would this be provided by the client and kept in RAM only? Paul Tillotson >Murat, > > > >>For our research project, I need to implement an encryption support for >>Postgressql. At this current phase, I need to at least support page >>level encryption In other words, each page that belongs to a certain >>sensitive table will be stored encrypted on the harddisk. >> >> > >Are you planning on doing the decryption on the back-end, or on the client? >It certainly seems to me that doing it on the client would make more sense; >if the data is decrypted on the back-end, then you will still need the >overhead of an SSL connection. > >In any case, I'm glad that you're looking into this; encryption-on-disk is one >of those "missing features" that we might never have gotten around to as a >project ... > > >
В списке pgsql-hackers по дате отправления: